1. Field of the Invention
The present invention relates to data collection over networks. More particularly, the present invention relates to techniques for tracking information of individuals.
2. Background of the Invention
The advent of the electronic era has made it much easier for people to transact business and conduct their affairs. People can now obtain nearly anything they need online, from books and music to groceries. Laborious, time-intensive tasks, such as applying for mortgages and student loans, can now be done with a simple click of the mouse. Employers and employees can submit timecards and perform other payroll activities online. Electronic mail, instant messaging, and video-conferencing have made communication easier and faster than ever before.
However, the electronic age is not without its drawbacks. Every time a customer uses a credit card to order a product over the Internet, the user's credit card number is stored in the online seller's database. This database may also contain other personal information, such as the customer's name and address. Other databases may include more sensitive data, such as a social security number or information about a customer's financial holdings. The number of databases containing the user's personal information increases every time a user conducts business with a third party. Eventually, the user will lose track of who has what information about the user.
The proliferation of personal information in multiple databases results in users losing control of their own personal information. The likelihood of a security breach involving the user's personal information increases with the number of databases storing that information. Front page headlines have exposed breaches of commercial databases that resulted in the theft of thousands of credit card numbers and other personal information.
In addition to theft, the user's loss of control over his personal information manifests itself in other ways. Several companies use the personal information stored in their database to create marketing lists of customers using the customer's names, addresses, and electronic mail addresses. If a customer has engaged in repeat business with the company, the company may also be able to correlate the customer with one or more interests. Once a company has compiled such a marketing list, the company could sell the list to telemarketers. A marketing list can often become a company's most valuable asset. The user has little control over the company's use of his personal information.
The consumer's loss of control over his personal information can have more dangerous consequences as well. The easy accessibility of personal information makes it easy for private investigators and stalkers to gain access to information about the user's whereabouts, such as his home address or telephone number. The private investigator or stalker could then use the information to spy on the consumer or physically or verbally harass him.
Recently, several efforts have been made to curtail the problem of proliferating personal information. Legislation has been passed, or proposed, to limit the ability of companies to sell their marketing lists to others. Laws against “identity theft” have been strengthened. Consumer protection laws now provide greater protection and reduced liability to consumers in the event of fraud. However, these efforts are stop-gaps. They address the symptoms of the problem, not the cause.
One important issue is the user's lack of control over his own personal information. Because the user does not control the dissemination of his personal information, others are free to do whatever they want with that personal information, such as store it in insecure databases or sell it to unscrupulous telemarketers. The user, who cannot control his own personal information, has few options other than to appeal to the political or legal process, which is often slow and cumbersome. Further, since companies often have impressive lobbying capabilities, consumer protection advocates are often at a disadvantage in the political world, where they run up against the political clout of the marketing companies and other special interests. Similarly, if a user files a lawsuit, he must contend with a well-financed team of attorneys.
What is needed, therefore, is a way in which users can control access to their own personal information with minimal fear of the loss or personal information to third parties or such dissemination between groups that have no prior right to possess or control such information.